1. Field of the Invention
The present invention relates to secured memories. More particularly, the present invention relates to a secured memory which provides an authentication protocol for anti-wire tapping and different password sets for reading and writing to secured memory areas by the secured memory user.
2. The Prior Art
The use of plastic cards for payment has existed since the 1950's with the introduction of the Diner's Club card. The explosion in their use since that time has been nothing short of phenomenal. Today, millions of cards are issued annually by different organizations, so that their use for both payment and the recordation of information is now almost universal.
Originally, these plastic cards were embossed and had a signature line which could be used for comparison to maintain security. However, as can be imagined, this was not much of a deterrent to fraud and misuse. The first major security improvement was the addition of a magnetic stripe on the back of the embossed card. Plastic cards with a magnetic stripe are probably the most popular form of payment and information card available today. The memory storage provided by the magnetic stripe also permitted the recordation of far greater amounts of information than could be embossed on the face of a plastic card. Though these cards provide some level of protection, it is not all that difficult for the data stored on a magnetic stripe to be read, deleted and rewritten by anyone with access to the appropriate read/write device. Accordingly, it is less than suitable for the storage of confidential data, or for storing a value that can be used in place of currency.
In response to these limitations, a plastic card with a secure memory was developed. These cards are known in the industry as "smart cards". The storage area of the secure memory is often divided into blocks of memory. The object of providing security to a memory is to protect against unauthorized access to and tampering with these blocks. The security is typically provided by some combination of both hardware and software. With a secure memory it is possible to write confidential data that cannot be read or erased, and to prevent writing of data by controlling the reading, writing and erasing with the combination of hardware and software which depend upon particular conditions to occur prior to executing these operations.
An example of a "smart card" with a secure memory, and one which has been widely used is a telephone memory card. These cards are prepaid, and the value stored electronically in the memory is deducted during use by the appropriate amount. Of course, to prevent misuse it is necessary to prevent the user from tampering with the card to increment the stored value. If it were a magnetic stripe card, rewriting a new value to the card could be accomplished easily.
One manner known in the art to prevent tampering with the secured memory to increment a stored value is to provide a secure code that is known only to the issuer of the card. A systematic attack to determine the secure code is deterred by an attempt counter that prevents further use of the card if the number of attempts to present a valid secure code exceeds a predetermined number. When a valid secure code is presented prior to the attempt counter reaching its limit, the attempt counter is reset to zero. Each of these blocks are further protected by an erase code that must be presented before the storage block can be erased. Unfortunately, these erase codes are vulnerable to systematic attack.
Another manner of preventing tampering with telephone memory cards has been to make it virtually impossible to erase a memory cell once it has been written to. For this type of card, a fuse is typically blown which disables the erase function of the memory. Accordingly, as the reduction in the value in the card is made by writing to the memory, the additional value cannot be added to the memory by an erase. Though this is a fairly adequate way to prevent tampering, it is not attractive for the reason that once the value on the card has been depleted, the card cannot be reused by adding additional value to the card.
Another approach taken in the prior art which instead of password protection schemes has been to employ a microprocessor to provide encryption to identify the smart card as a valid smart card. This approach has several problems. First, the microprocessor is expensive, it consumes a lot of power, it requires a substantial amount of code to program it, and some type random access memory is needed. Second the microprocessor cards make the assumption, that the machine employed to read the cards is a legitimate machine. As such, the information provided by the card to the reader can be wire-tapped.
Accordingly, it is an object of the present invention to provide a layer of authentication by cryptography that does not require the use of a microprocessor in the smart card.
Another object of the present invention is to prevent wire-tapping by requiring the smart card and the card reader to authenticate each other using cryptography.
It is a further object of the present invention for each memory zone to be protected by either cryptography, passwords or both.